February 16, 2005

Domain Name Scams

I’m looking at a letter from a company called “ILSCORP.NET”. It is in reference to another domain name that Webmail.us owns. The notice date is February 15th, 2005. I have a customer number of CD474454XX.

“Please make checks payable to Internet Listing Service Corp. Please write your customer number on the front of your check Enclose check in the addressed envelope provided DO NOT SEND CASH”

Pretty serious stuff here, it goes on:

“To ensure listing by Feb 28, 2005, please remit payment on or before Feb 22, 2005 All listings are final”

Well, I’d better get right on this! But then there’s the text on the back that says, “This is not a bill. This is a solicitation. You are under no obligation to pay the amount stated above unless you accept this offer.”

It’s too bad that the rest of the document makes it look like we owe someone money to continue a service that we already had.

It’s always in the fine print

OK, the print is pretty legible, but it is clearly a font size or two down from the rest of the doc. And it’s on the back page when the front page already looks like a complete document.

The art of deception

There are a few subtle but convincing touches that scams such as this use to close deals and make money.

-- They use real information about you or your company --

In this case, they used our domain name. If you own a domain name then the billing address for your company and the names of contacts at your company are available through a standard Internet service known as WHOIS. Using this information allows them to customize their attack.

-- They create the impression that you are already a customer --

The customer number at the top of the “bill” seems legit. If I have a customer number, maybe I really did send these people money before.

The solicitation itself appears to be a bill. It has 3 major sections: “How to make payment:”, “Website address listing includes:”, and “Payment information:”. It shows me how much to pay and where to send my check—but, “Do not send cash”.

-- They create a sense of urgency --

Because “All listings are final”, I need to hurry and send them a check. They give me a due date of Feb 22. This sense of urgency might get me to respond before I look things over carefully.

-- Online risks --

It seems that being a domain name owner makes you a target for this and related scams. Having your WHOIS information freely available to the entire world is a double-edged sword.

And the more we all do business online, the harder it is to remember the names of businesses we use on an infrequent basis. It’s easy to make a mistake.

Other common scams to watch out for

Domain name slamming: you get an email or a letter telling you that your domain name will expire soon. The letter explains that in order to protect your domain name a check needs to be sent to company XYZ who can keep your domain name safe. The problem is that the letter doesn’t come from the company you used to register your domain.

Phishing: you get an email asking you to go to your bank or online retail store in order to update your contact information or to check on an order. The only problem is, that the links provided in the email don’t go to Amazon.com or whatever site you intended to visit. Instead, you end up at a site that closely mimics the real site and you might mistakenly hand over a username and password or perhaps even credit card information.

Nigerian email scam: this is an absolute classic. Read about it on Snopes.com. If you’ll front some money to a wealthy but helpless stranger, they’ll send you millions.

How to protect yourself

Keep good records! Knowing whether or not something is legit can be as easy as walking to a file cabinet and looking for a name that matches the letter or email you have received. Congress, with the Sarbanes-Oxley Act, is encouraging (enforcing?) record-keeping policies for businesses in the United States.

Pick up the phone and make a call. Or send an email. ILSCorp's letter to me and their website are both lacking a phone number-- a red flag in itself. Their website says I may have to wait up to 2 days for a response to the email I sent them this morning asking about their service and my domain name. I'll let you know when they get back with me. ;)

Email scams can generally be caught by good anti-spam filters. Yes, like the ones we use for our customers. But I don’t know a good way to filter snail mail except through a little extra time and attention to detail.

Comments

The saleman told me from whom I bought the shredder. All office shredders roll on casters for convenient sharing among offices. Every shredder model has a 10-year warranty on cutting heads and can take staples and paper clips which saves office stationary too.

Living in Florida there was an urgent need of shredder in the office so I called up the saleman who told me there was No sales tax on purchases delivered out of California! 10 year warranty on cutting heads & 1 year warranty on mechanical parts (parts only)!

According to the investigations Andersen partner David Duncan allegedly headed an effort to destroy documents related to Enron after learning the Securities and Exchange Commission had requested financial records from the company.

In a civil case, a judge can allow the jury to question a document-destroying party’s intentions. For example, judges in certain cases will tell jurors they should assume missing documents are harmful simply because they were destroyed–even if they never see the contents.

We look for system activity to see if someone was using a file-shredding program–which in itself isn’t illegal or unethical, unless you’re under subpoena or the threat of subpoena,” said Computer Forensics’ Feldman.

According to the investigations Andersen partner David Duncan allegedly headed an effort to destroy documents related to Enron after learning the Securities and Exchange Commission had requested financial records from the company.

We can also call this as Phishing Emails, where they tried to get your attention and as well as your identity information for them to freely commit identity theft.
This is really bad. I have been a victim too, but now fighting against it. Thanks to http://www.identitytheftprotection.org.

I differ with most people here; I found this post I couldn't stop until , even though it wasn't just what I had been searching for, was indeed a great read though. I will instantly take your feed to stay in touch of future updates.

I differ with most people here; I found this post I couldn't stop until , even though it wasn't just what I had been searching for, was indeed a great read though. I will instantly take your feed to stay in touch of future updates.

Your setting associated with local pharmacy exercise consists of currently established assignments including compounding in addition to providing prescription drugs, and in addition it contains more modern providers associated with health, such as specialized medical products and services, researching prescription drugs regarding protection as well as efficacy, and also furnishing medicine information. Buy Soma
Pharmacists, for that reason, are classified as the specialists upon medicine therapy and are also the principal scientific research that enhance prescription medication utilize to deliver sufferers using good wellbeing outcomes.